Abstract: In today's Internet of Things era, embedded systems have become important components for accessing the cloud and are frequently used in both security- and privacy-sensitive applications and devices. However, their underlying software (a.k.a. firmware) often suffers from a wide range of security vulnerabilities. The complexity and heterogeneity of the underlying hardware platforms, the differences between hardware and software implementations, the specialized and limited documentation, and the constrained runtime environment make many excellent dynamic testing tools for desktop systems hard, or even impossible, to adapt directly to embedded devices and their firmware. In recent years, researchers have made great progress in detecting known vulnerabilities in embedded device firmware using binary code similarity analysis. Focusing on the key technical challenges of binary code similarity analysis, this paper systematically studies the existing binary code similarity analysis techniques, and comprehensively analyzes and compares their general process, technical characteristics, and evaluation criteria. It then analyzes and summarizes how these techniques are applied to vulnerability search in embedded device firmware. Finally, it presents the remaining technical challenges in this field and proposes several open directions for future research.